[Tiptoi] Tiptoi hacking

Sven A. Huerlimann sh at sighup.ch
So Dez 31 00:03:37 CET 2017 

Hi Björn

What do you mean by: "enter the BIOS"? That could be very helpful for me.

About the memory map:

section 1 is the Boot-ROM (afik)

section 2 is the 192k L2 Memory (The larger memory)

section 3: there should be some 64k of on chip ram somewhere (but this
could also be banked in on section 1 memory range after the boot rom
finished)

Cheers

sven


Am 30.12.17 um 22:19 schrieb Bjoern:
> Hi Matthias,
>
> When I read out the NAND directly by a Raspberry Pi, the data was not
> really reliable because some bits always toggled.
> Is your reading method giving accurate, reproducable results or are
> toggled bits an inherent effect of reading raw data from NANDs (hence
> using ECC is mandatory) or ?
>
> I have meanwhile managed to enter the BIOS of the TT. This BIOS offers
> the following commands:
> - download
> - setvalue
> - go
> - dump
>
> From what I could see so far, only two memory sections contain data:
> section 1:    0x0000'0000 - 0x0000'FFFF
> section 2:    0x0800'0000 - 0x0802'FFFF
>
> Section 1 is almost sure the BIOS itself, about the meaning of section
> 2 I have no idea (RAM?).
> If you think it might support you with your efforts, I can describe
> the steps for entering the BIOS mode more in detail.
>
> Cheers
> Björn
>
>
>
> Am 30.12.2017 um 18:22 schrieb Matthias Weber:
>> Hi Werner and list,
>>
>> up to my current knowledge, nobody is able to perform a firmware update
>> of the pen. If I'm wrong, I'd be happy to read how it is done.
>>
>> So far we've taken a dump of a tiptoi pen's flash memory and are trying
>> to find out how the firmware update is done or how we can get a
>> workaround to flash new firmware.
>>
>> It will be helpful to understand the memory mapping of the peripherals
>> connected to/ used by the ARM core (UART, flash interfaces). That's what
>> Sven has started to work on. We'd be happy to get any support here.
>>
>> Cheers,
>> Matthias
>>
>>
>> Werner Beroux wrote:
>>> I updated the
>>> bug https://github.com/entropia/tip-toi-reveng/issues/171 as I kind of
>>> bricked my Tiptoi. Wondering if you had some known way to unbrick the
>>> device, flash it, or change language on a working device?
>>>
>
>
>

-------------- nächster Teil --------------
Ein Dateianhang mit HTML-Daten wurde abgetrennt...
URL: <https://lists.nomeata.de/pipermail/tiptoi/attachments/20171231/d01c13c4/attachment.htm>

Mehr Informationen über die Mailingliste tiptoi